[Bug 731625] Re: [CVE-2009-0385] arbitrary code excecution via NULL pointer dereference

Launchpad Bug Tracker Wed, 09 Mar 2011 16:11:12 -0800

This bug was fixed in the package mplayer - 2:1.0~rc2-0ubuntu13.2

---------------
mplayer (2:1.0~rc2-0ubuntu13.2) hardy-security; urgency=low


  * SECURITY UPDATE: Integer signedness error in the fourxm_read_header
    function in libavformat/4xm.c in FFmpeg before revision 16846 allows
    remote attackers to execute arbitrary code via a malformed 4X movie
    file with a large current_track value, which triggers a NULL pointer
    dereference. (LP: #731625)
    - libavformat/4xm.c - patch from ffmpeg package in hardy-security
    - References:
      + CVE-2009-0385
 -- Firas Kraiem <fi...@fkraiem.org>   Tue, 08 Mar 2011 22:53:14 +0100

** Changed in: mplayer (Ubuntu Hardy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/731625

Title:
  [CVE-2009-0385] arbitrary code excecution via NULL pointer dereference

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 731625] Re: [CVE-2009-0385] arbitrary code excecution via NULL pointer dereference

Reply via email to